Legal

Privacy Policy

We are committed to protecting your personal data and being transparent about how we use it.

This policy explains what personal data Beyond The Logo collects, why we collect it, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read it carefully.

1. Who We Are

Beyond The Logo is a brand storytelling and videography business based in the United Kingdom. We operate the website beyondthelogo.uk (the "Website").

For the purposes of UK GDPR, Beyond The Logo is the data controller — the organisation responsible for deciding how and why your personal data is processed.

If you have any questions about this policy or how we handle your data, please contact us at: hello@beyondthelogo.uk

2. What Personal Data We Collect

We only collect personal data that you choose to provide to us directly, or that is generated automatically when you browse our Website.

Data you provide

  • Full name — collected via our contact form
  • Email address — collected via our contact form
  • Telephone number — optionally provided via our contact form
  • Company name — optionally provided via our contact form
  • Message content — any information you choose to include in your enquiry

Data collected automatically

  • IP address — collected by our web hosting provider for security and server log purposes
  • Browser type and version
  • Pages visited and time spent on the Website — if analytics are enabled
  • Referring website — the site you came from before visiting ours

We do not collect any special category data (such as health information, ethnicity, or political opinions) and we do not knowingly collect data from children under the age of 16.

3. How We Use Your Personal Data

We use the personal data we collect for the following purposes:

  • To respond to your enquiry — when you submit our contact form, we use your name, email address, and message to reply to you
  • To maintain records — we keep a record of communications for administrative purposes
  • To improve our Website — anonymised usage data helps us understand how visitors use the site and where improvements can be made
  • To comply with legal obligations — where we are required to retain or disclose information by law

We will not use your personal data to send you unsolicited marketing communications without your explicit consent.

4. Our Legal Basis for Processing

Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following:

  • Legitimate interests (Article 6(1)(f)) — for responding to enquiries you have sent to us, and for maintaining basic server logs. We have assessed that our legitimate interest in operating a business and responding to potential clients is not overridden by your rights and freedoms.
  • Legal obligation (Article 6(1)(c)) — where we are required to process data to comply with applicable law.
  • Consent (Article 6(1)(a)) — where you have explicitly agreed to a specific use of your data, such as receiving marketing updates. You may withdraw consent at any time.

5. How Long We Keep Your Data

We retain personal data only for as long as is necessary for the purposes set out in this policy:

  • Contact form enquiries — retained for up to 2 years from the date of last contact, after which they are securely deleted
  • Server logs — typically retained for up to 90 days by our hosting provider
  • Financial or legal records — retained for up to 7 years as required by HMRC guidelines

Where there is an ongoing client relationship, data may be retained for the duration of that relationship and for a reasonable period thereafter.

6. Who We Share Your Data With

We do not sell, rent, or trade your personal data to any third parties for marketing purposes.

We may share your data with the following categories of third party, only where strictly necessary:

  • Web hosting and email providers — our hosting infrastructure processes data as part of delivering the Website and email services. These providers act as data processors under our instruction.
  • Professional advisers — such as accountants or legal advisers, where required and under strict confidentiality obligations.
  • Law enforcement or regulatory bodies — where we are legally required to disclose information.

Any third parties we work with are required to handle your data securely and in accordance with UK data protection law.

7. Cookies

Our Website may use cookies — small text files placed on your device — to support basic website functionality. We do not currently use third-party advertising or tracking cookies.

Types of cookies we may use:

  • Strictly necessary cookies — essential for the Website to function correctly
  • Analytics cookies — if enabled, used to understand how visitors interact with the site (anonymised data only)

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Website. For more information, visit ico.org.uk.

8. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These measures include:

  • HTTPS encryption on all pages of the Website
  • Restricted access to contact form submissions
  • Secure email communications

While we take reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee the absolute security of data transmitted over the internet.

9. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — you may request a copy of the personal data we hold about you
  • Right to rectification — you may ask us to correct inaccurate or incomplete data
  • Right to erasure — you may request that we delete your personal data, subject to certain legal obligations
  • Right to restriction — you may ask us to restrict processing of your data in certain circumstances
  • Right to data portability — where applicable, you may request your data in a structured, machine-readable format
  • Right to object — you may object to processing based on legitimate interests
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at hello@beyondthelogo.uk. We will respond within one calendar month of receiving your request.

10. Complaints

If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the UK's data protection supervisory authority:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would, however, appreciate the opportunity to address your concerns before you approach the ICO. Please contact us first at hello@beyondthelogo.uk.

11. Third-Party Links

Our Website may contain links to third-party websites, including our Instagram profile (@beyondthelogouk). We are not responsible for the privacy practices of third-party websites and encourage you to review their privacy policies before providing any personal data.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

Continued use of the Website following any update constitutes your acknowledgement of the revised policy.